Vehicle Diagnostics Adapter Cybersecurity Concerns with Wireless Connectivity 2023-01-0034
Maintaining and diagnosing vehicle systems often involves a technician connecting a service computer to the vehicle diagnostic port through a vehicle diagnostics adapter (VDA). This creates a connection from the service software to the vehicle network through a protocol adapter. Often, the protocols for the personal computer (PC) hosted diagnostic programs use USB, and the diagnostic port provides access to the controller area network (CAN). However, the PC can also communicate to the VDA via WiFi or Bluetooth. There may be scenarios where these wireless interfaces are not appropriate, such as maintaining military vehicles. As such, a method to defeature the wireless capabilities of a typical vehicle diagnostic adapter is demonstrated without access to the source code or modifying the hardware. The process of understanding the vehicle diagnostic adapter system, its hardware components, the firmware for the main processor and subsystems, and the update mechanism is explored. Once the system and binary firmware were understood, a binary patch was created and deployed to the VDA to render the wireless features inoperable while maintaining the existing USB functionality. A series of functional tests were run on the system before and after the patching process, with the results showing that only the targeted wireless functionality was removed and other functions performed as expected. With the ability to patch the VDA demonstrated, the paper concludes by inserting additional features and functions for the VDA, which show how the VDA can be co-opted for offensive cyber operations (for example, manipulating engine hours or vehicle identification number). This exercise confirms the necessity of a more restrictive cybersecurity posture in automotive peripherals with access to critical systems, in particular VDAs, and especially when such peripherals present a wireless interface.